Testing is a process of validating and verifying if a software program or application or product meets the expected business and technical requirements. A widely used technique in practice for ensuring software program quality and reliability is static analysis, wherein a software program or application code is analyzed to detect defects without actually executing the program or application code. During static analysis, an application code is analyzed using static analysis tools, wherein the tools generate one or more static analysis warnings/alarms along with reporting of safe and error program points in the application code. A static analysis alarm generated by static analysis tools may or may not represent a defect/error, and it is a warning to the user denoting a potential defect. The alarms generated are reported to user by the static analysis tools to decide the safety at the program points in the application code corresponding to the warnings.
In practice, a large number of static analysis alarms are generated and most of them are falsely generated due to the approximations used by the static analysis tools. The falsely generated static analysis alarms are referred to as false positives, because they do not represent a defect. Further, the task of classifying the generated static analysis alarms into false positives and true defects/errors is often manual, very tedious and costly. The large number of static analysis alarms generated and the cost involved in classifying the generated static analysis alarms manually have been recognized as major concerns in adoption of static analysis tools in practice. A few existing methods group similar or related static analysis alarms together and represent each group as a single alarm. However, these methods to grouping of static analysis alarms sometimes fail to group alarms related by the same variables or causes, and this failure results in redundancy in reporting of the static analysis alarms.
Further traditional static analysis tools report static analysis alarms at locations where run-time errors are likely to occur. Since a static analysis alarm is reported where run-time error is likely to occur, the user has to traverse the application code backward from the reported alarm program point to the causes of the static analysis alarm to identify whether the static analysis alarm represents an error or not. Furthermore, the traversal process can be a daunting task due to the large size and complexity of industrial application code.